Cyberattacks across all industries are on the rise, but the numbers are particularly troubling for the legal industry. According to American Bar Association’s 2022 Legal Technology Survey Report, 27% of respondents claimed to have experienced a security breach – up from 25% the year before. An additional 25% reported not knowing if their firm had experienced a security breach. A 2021 report released by security firm BlueVoyant found that while 15% of thousands of law firms showed signs of compromised networks, all were subject to targeted threat activity. Finally, earlier this year The American Lawyer reviewed national data sets posted by four state governments. Between 2014 and 2019, fewer than 20,000 Americans had personally identifiable information compromised in a law firm breach. But between 2020 and 2022, that number grew to 779,000!
Over the last five to six years, there have been a number of notable attacks on law firms, starting with the 2017 ransomware attack on DLA Piper law firm. That led to several high-profile attacks in 2020, including the MAZE ransomware attack, the Seyfarth Shaw ransomware attack, and the Grubman Shire Meiselas & Sacks attack, in which hackers demanded $21 million – that they later doubled to $42 million after finding files and information related to Donald Trump and Lady Gaga. Cut to early 2023, and eSentire’s Threat Response Unit (TRU) detected 10 cyberattacks that hit six law firms in January and February alone.
So why the increase of cyberattacks in the legal industry? Law firms store a significant amount of sensitive data and client information that they — and their clients — don’t want released. This makes law firms especially vulnerable to ransomware attacks. There are three buckets of data that law firms store, each of which might make them a target.
You may assume that hackers only target the 100+ firms that handle high-profile clientele, but adversaries don’t discriminate, and small or solo practices are just as vulnerable as larger firms. This is mainly because small firms lack the security budgets of the big players, and hackers know their defenses are probably weaker.
In addition to smaller budgets, smaller firms, solo practices, and even mid-sized practices are also unlikely to have a security or IT team that can help set up appropriate defenses and take care of ongoing security monitoring. Hackers are aware of this and see these smaller firms as low-hanging fruit.
Not only can a cyberattack have devastating reputational and financial costs, but law firms might find themselves in need of legal services. There are a number of compliance mandates and confidentiality laws that law firms must adhere to depending on their location and the type of information they house.
For instance, law firms dealing with malpractice cases must adhere to HIPAA laws and New York law firms must meet the SHIELD law, which stipulates that law firms must implement “reasonable” security safeguards to protect their clients’ information. The American Bar Association’s Rule 1.6: Confidentiality of Information states that lawyers should “make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client”.
Step one is acknowledging that your firm is a target. It’s not a matter of if an attack happens, but when. To ensure you’re prepared when the attack comes, it’s advised to conduct a risk assessment at least once a year to ensure you have the appropriate defenses in place and are compliant with federal, state, and local laws and guidelines. Annual risk assessments are often also a requirement for cyber insurance, which is step number two.
Law firms of all sizes need to invest in the cybersecurity basics, including email protection, endpoint protection, endpoint detection and response, privilege account abuse detection, and cyber insurance. Despite rising premiums, cyber insurance is a vital component of a cybersecurity plan. Firms also need to assemble an incident response plan that lays out what needs to be done in the event of a breach and who is responsible for each task.
Most security breaches are a result of human error, so even the best technology won’t completely protect your firm. You need to conduct cybersecurity training and establish policies around email best practices, internet and social media usage, remote access, password protection, and more.
Given that most firms lack a robust in-house cybersecurity team, an outside vendor is typically necessary to ensure a strong security posture. Your firm needs a partner who can provide 24/7 monitoring and response services, review your cybersecurity plan to make sure it’s airtight; and, ideally, provide the necessary tools and technology to secure your firm.
While it’s rare to find such a partner, SolCyber is up to the challenge. Our Foundational Coverage ensures solo practices and small to mid-sized firms have everything they need and nothing they don’t. And we can get you up and running in days!
Ready to become cyber resilient? Reach out to the experts in cybersecurity to see how we can help.
LinkedIn: https://www.linkedin.com/company/solcyber-managed-security-services/
Twitter: https://twitter.com/SolCyberMSS
Facebook: https://www.facebook.com/solcybermssp
Instagram: https://www.instagram.com/solcyber_mssp/
No industry was more affected by the COVID-19 pandemic than the healthcare industry. While stories of frontline worker heroics and employee shortages took center stage, another important story has been brewing over the last few years — the significant increase in cybersecurity attacks in the healthcare space. With stay-at-home orders and social distancing requirements in […]
The importance of a curated stack, as told by a novice cyclist Around the start of Summer 2020 I began thinking: I really need to get outside more. This probably sounds familiar to anyone who was trying to make the best of a bad situation in 2020. I was already acclimated to a work-from-home situation, […]
If there’s one thing we can definitely say about the post-2020 era is that we’re all more open to “going digital.” This comes with its own advantages and disadvantages. We are more open to remote work, and have access to more opportunities than ever, but we’re also more likely to become victims of cybercrime too. […]
By subscribing you agree to with our Privacy Policy and provide consent to receive updates from our company.
